<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<HTML>
<HEAD>
<meta name="keywords" content="SecuLution online documentation, web online help, web help" />
<meta http-equiv="Content-Style-Type" content="text/css" />
<link rel=stylesheet href="default.css" type="text/css" /><meta http-equiv="Content-Type" content="text/html; charset=utf-8" />

 <TITLE>SecuLution Dokumentation - configure automated tasks</TITLE>
<STYLE type="text/css">
.t0i { font-family: Tahoma, Verdana; font-size: 11px; color: #000000; text-decoration: none } 
  .i0tab { border: 0; border-collapse: collapse; }
  .i0ind { border: 0; Height: 16px }
</STYLE>
</HEAD>
<BODY bgcolor="white" style="margin: 0; border: none; padding: 0px">
<!-- !chm2web! -->
   
<TABLE bgcolor="white" width="100%" border="0" cellpadding="3">
 <TR>
  <TD align="left" width="100" nowrap>
   <a href="http://www.seculution.com" target="_top">Home</a> &nbsp;&nbsp;
  </TD>
  <TD align="center"  nowrap>
   <b><font size="3pt" color="black">SecuLution Dokumentation</font></b>
  </TD>
  <TD align="right" width="120" nowrap>
   <a href="configuration_agent.htm">back</a>
   <a href="import_trusted_applications.htm">next</a>
  </TD>
 </TR>
</TABLE>
<TABLE width="100%" border="1" cellpadding="5">
<TR valign="top">
  <TD width="200" bgcolor="white" nowrap><table class="i0tab"><tr class="t0i">
  <td width="15" valign="top" align="right" nowrap>
<img class="i0ind" src="files/11.gif" alt=""></td><td align=left>
<a href="welcome.htm" ><span      >Welcome</span></a></td>
</tr></table>

<table class="i0tab"><tr class="t0i">
  <td width="15" valign="top" align="right" nowrap>
<img class="i0ind" src="files/11.gif" alt=""></td><td align=left>
<a href="principle.htm" ><span      >SecuLution technique and terminology</span></a></td>
</tr></table>

<table class="i0tab"><tr class="t0i">
  <td width="15" valign="top" align="right" nowrap>
<img class="i0ind" src="files/1.gif" alt=""></td><td align=left>
<b>Quick start</b></td>
</tr></table>

<table class="i0tab"><tr class="t0i">
  <td width="30" valign="top" align="right" nowrap>
<img class="i0ind" src="files/11.gif" alt=""></td><td align=left>
<a href="quickstart_test_setup.htm" ><span      >Test setup in 30 minutes</span></a></td>
</tr></table>

<table class="i0tab"><tr class="t0i">
  <td width="30" valign="top" align="right" nowrap>
<img class="i0ind" src="files/11.gif" alt=""></td><td align=left>
<a href="best_practice_everyday.htm" ><span      >Best practice in everyday use</span></a></td>
</tr></table>

<table class="i0tab"><tr class="t0i">
  <td width="30" valign="top" align="right" nowrap>
<img class="i0ind" src="files/11.gif" alt=""></td><td align=left>
<a href="quickstart_full_setup.htm" ><span      >Full setup and deployment in 5 hours</span></a></td>
</tr></table>

<table class="i0tab"><tr class="t0i">
  <td width="15" valign="top" align="right" nowrap>
<img class="i0ind" src="files/1.gif" alt=""></td><td align=left>
<b>Installation of components</b></td>
</tr></table>

<table class="i0tab"><tr class="t0i">
  <td width="30" valign="top" align="right" nowrap>
<img class="i0ind" src="files/11.gif" alt=""></td><td align=left>
<a href="server_appliance_installation.htm" ><span      >Install Appliance</span></a></td>
</tr></table>

<table class="i0tab"><tr class="t0i">
  <td width="30" valign="top" align="right" nowrap>
<img class="i0ind" src="files/11.gif" alt=""></td><td align=left>
<a href="adminwizard_installation.htm" ><span      >AdminWizard installation</span></a></td>
</tr></table>

<table class="i0tab"><tr class="t0i">
  <td width="30" valign="top" align="right" nowrap>
<img class="i0ind" src="files/11.gif" alt=""></td><td align=left>
<a href="agent_installation.htm" ><span      >Agent installation</span></a></td>
</tr></table>

<table class="i0tab"><tr class="t0i">
  <td width="30" valign="top" align="right" nowrap>
<img class="i0ind" src="files/11.gif" alt=""></td><td align=left>
<a href="syslog_server_installation.htm" ><span       >Syslog server installation</span></a></td>
</tr></table>

<table class="i0tab"><tr class="t0i">
  <td width="15" valign="top" align="right" nowrap>
<img class="i0ind" src="files/1.gif" alt=""></td><td align=left>
<b>Initial configuration tasks</b></td>
</tr></table>

<table class="i0tab"><tr class="t0i">
  <td width="30" valign="top" align="right" nowrap>
<img class="i0ind" src="files/11.gif" alt=""></td><td align=left>
<a href="configure_basic_settings.htm" ><span       >Configure basic settings</span></a></td>
</tr></table>

<table class="i0tab"><tr class="t0i">
  <td width="30" valign="top" align="right" nowrap>
<img class="i0ind" src="files/11.gif" alt=""></td><td align=left>
<a href="configuration_agent.htm" ><span       >Agent configuration</span></a></td>
</tr></table>

<table class="i0tab"><tr class="t0i">
  <td width="30" valign="top" align="right" nowrap>
<img class="i0ind" src="files/11.gif" alt=""></td><td align=left>
<a href="schedule_tasks.htm" ><span class="chitemsel" >Configure automated tasks</span></a></td>
</tr></table>

<table class="i0tab"><tr class="t0i">
  <td width="15" valign="top" align="right" nowrap>
<img class="i0ind" src="files/1.gif" alt=""></td><td align=left>
<b>Manage whitelist</b></td>
</tr></table>

<table class="i0tab"><tr class="t0i">
  <td width="30" valign="top" align="right" nowrap>
<img class="i0ind" src="files/1.gif" alt=""></td><td align=left>
<b>Initial whitelist generation</b></td>
</tr></table>

<table class="i0tab"><tr class="t0i">
  <td width="45" valign="top" align="right" nowrap>
<img class="i0ind" src="files/11.gif" alt=""></td><td align=left>
<a href="import_trusted_applications.htm" ><span       >Import trustworthy software</span></a></td>
</tr></table>

<table class="i0tab"><tr class="t0i">
  <td width="45" valign="top" align="right" nowrap>
<img class="i0ind" src="files/11.gif" alt=""></td><td align=left>
<a href="lernmode.htm" ><span       >Learn mode</span></a></td>
</tr></table>

<table class="i0tab"><tr class="t0i">
  <td width="45" valign="top" align="right" nowrap>
<img class="i0ind" src="files/11.gif" alt=""></td><td align=left>
<a href="check_deployment.htm" ><span       >Check deployment and learning progress</span></a></td>
</tr></table>

<table class="i0tab"><tr class="t0i">
  <td width="45" valign="top" align="right" nowrap>
<img class="i0ind" src="files/11.gif" alt=""></td><td align=left>
<a href="audit.htm" ><span       >Audit</span></a></td>
</tr></table>

<table class="i0tab"><tr class="t0i">
  <td width="30" valign="top" align="right" nowrap>
<img class="i0ind" src="files/1.gif" alt=""></td><td align=left>
<b>Add entries to whitelist</b></td>
</tr></table>

<table class="i0tab"><tr class="t0i">
  <td width="45" valign="top" align="right" nowrap>
<img class="i0ind" src="files/11.gif" alt=""></td><td align=left>
<a href="dragndrop.htm" ><span       >Drag'n'drop</span></a></td>
</tr></table>

<table class="i0tab"><tr class="t0i">
  <td width="45" valign="top" align="right" nowrap>
<img class="i0ind" src="files/11.gif" alt=""></td><td align=left>
<a href="individual_lernmode.htm" ><span       >Individual lernmode</span></a></td>
</tr></table>

<table class="i0tab"><tr class="t0i">
  <td width="45" valign="top" align="right" nowrap>
<img class="i0ind" src="files/11.gif" alt=""></td><td align=left>
<a href="import_from_directory.htm" ><span       >Import from directory</span></a></td>
</tr></table>

<table class="i0tab"><tr class="t0i">
  <td width="45" valign="top" align="right" nowrap>
<img class="i0ind" src="files/11.gif" alt=""></td><td align=left>
<a href="plu.htm" ><span       >PermanentLernUser</span></a></td>
</tr></table>

<table class="i0tab"><tr class="t0i">
  <td width="45" valign="top" align="right" nowrap>
<img class="i0ind" src="files/11.gif" alt=""></td><td align=left>
<a href="log_alarms.htm" ><span       >Log alarms</span></a></td>
</tr></table>

<table class="i0tab"><tr class="t0i">
  <td width="30" valign="top" align="right" nowrap>
<img class="i0ind" src="files/1.gif" alt=""></td><td align=left>
<b>Cleanup whitelist</b></td>
</tr></table>

<table class="i0tab"><tr class="t0i">
  <td width="45" valign="top" align="right" nowrap>
<img class="i0ind" src="files/11.gif" alt=""></td><td align=left>
<a href="manually_delete_orphaned.htm" ><span       >Manually delete unused entries</span></a></td>
</tr></table>

<table class="i0tab"><tr class="t0i">
  <td width="45" valign="top" align="right" nowrap>
<img class="i0ind" src="files/11.gif" alt=""></td><td align=left>
<a href="delete_from_pattern.htm" ><span       >Delete entries using a pattern</span></a></td>
</tr></table>

<table class="i0tab"><tr class="t0i">
  <td width="45" valign="top" align="right" nowrap>
<img class="i0ind" src="files/11.gif" alt=""></td><td align=left>
<a href="ruleset.htm" ><span       >Clean up classifications</span></a></td>
</tr></table>

<table class="i0tab"><tr class="t0i">
  <td width="30" valign="top" align="right" nowrap>
<img class="i0ind" src="files/1.gif" alt=""></td><td align=left>
<b>Actions</b></td>
</tr></table>

<table class="i0tab"><tr class="t0i">
  <td width="45" valign="top" align="right" nowrap>
<img class="i0ind" src="files/11.gif" alt=""></td><td align=left>
<a href="actions.htm" ><span       >Actions</span></a></td>
</tr></table>

<table class="i0tab"><tr class="t0i">
  <td width="45" valign="top" align="right" nowrap>
<img class="i0ind" src="files/11.gif" alt=""></td><td align=left>
<a href="valid_for.htm" ><span       >Referring rules to objects</span></a></td>
</tr></table>

<table class="i0tab"><tr class="t0i">
  <td width="15" valign="top" align="right" nowrap>
<img class="i0ind" src="files/1.gif" alt=""></td><td align=left>
<b>Offline mode</b></td>
</tr></table>

<table class="i0tab"><tr class="t0i">
  <td width="30" valign="top" align="right" nowrap>
<img class="i0ind" src="files/11.gif" alt=""></td><td align=left>
<a href="offline_mode.htm" ><span       >Offline mode</span></a></td>
</tr></table>

<table class="i0tab"><tr class="t0i">
  <td width="15" valign="top" align="right" nowrap>
<img class="i0ind" src="files/1.gif" alt=""></td><td align=left>
<b>Devices</b></td>
</tr></table>

<table class="i0tab"><tr class="t0i">
  <td width="30" valign="top" align="right" nowrap>
<img class="i0ind" src="files/11.gif" alt=""></td><td align=left>
<a href="usb_device_management.htm" ><span       >USB device management</span></a></td>
</tr></table>

<table class="i0tab"><tr class="t0i">
  <td width="30" valign="top" align="right" nowrap>
<img class="i0ind" src="files/11.gif" alt=""></td><td align=left>
<a href="usb_device_encryption.htm" ><span       >USB device encryption</span></a></td>
</tr></table>

<table class="i0tab"><tr class="t0i">
  <td width="15" valign="top" align="right" nowrap>
<img class="i0ind" src="files/1.gif" alt=""></td><td align=left>
<b>RCM</b></td>
</tr></table>

<table class="i0tab"><tr class="t0i">
  <td width="30" valign="top" align="right" nowrap>
<img class="i0ind" src="files/11.gif" alt=""></td><td align=left>
<a href="setup_rcm.htm" ><span       >Agent deployment (RemoteClientManagement)</span></a></td>
</tr></table>

<table class="i0tab"><tr class="t0i">
  <td width="15" valign="top" align="right" nowrap>
<img class="i0ind" src="files/1.gif" alt=""></td><td align=left>
<b>ArpWatch</b></td>
</tr></table>

<table class="i0tab"><tr class="t0i">
  <td width="30" valign="top" align="right" nowrap>
<img class="i0ind" src="files/11.gif" alt=""></td><td align=left>
<a href="arpwatch.htm" ><span       >ArpWatch</span></a></td>
</tr></table>

<table class="i0tab"><tr class="t0i">
  <td width="15" valign="top" align="right" nowrap>
<img class="i0ind" src="files/1.gif" alt=""></td><td align=left>
<b>Logs</b></td>
</tr></table>

<table class="i0tab"><tr class="t0i">
  <td width="30" valign="top" align="right" nowrap>
<img class="i0ind" src="files/11.gif" alt=""></td><td align=left>
<a href="logs.htm" ><span       >Logs</span></a></td>
</tr></table>

<table class="i0tab"><tr class="t0i">
  <td width="15" valign="top" align="right" nowrap>
<img class="i0ind" src="files/11.gif" alt=""></td><td align=left>
<a href="faq.htm" ><span       >FAQ</span></a></td>
</tr></table>

<table class="i0tab"><tr class="t0i">
  <td width="15" valign="top" align="right" nowrap>
<img class="i0ind" src="files/11.gif" alt=""></td><td align=left>
<a href="setup.ini.htm" ><span       >setup.ini</span></a></td>
</tr></table></TD>
  <TD bgcolor="white">
  
<head><meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
</head>
<h1>Configure automated tasks</h1>

<p>Most tasks that you would normally do manually in the
AdminWizard's GUI can be automated in scripts. A detailed
description of how to use command line arguments for the
AdminWizard in a script can be found in the file
"example-script.bat" which is located in the AdminWizards
directory.</p>

<ul>
<li>Go to the directory in which the AdminWizard is installed
("C:\Program Files (x86)\SecuLution\AdminWizard")</li>

<li>Copy the file "example-script.bat to a new file (e.g.
"nightly.bat")</li>

<li>Edit "nightly.bat" according to your needs</li>

<li>Start the AdminWizard in GUI mode</li>

<li>Select <strong>Extra &gt; Scripting &gt; Store password in
registry</strong> from the main menu</li>

<li>Select <strong>Extra &gt; Directories &gt; MS-Active-Directory
&gt; Update now</strong> from the main menu</li>

<li>For WSUS import make sure that "download update files to this
server only when updates are approved" is not turned on (WSUS
config, Update Files and Languages):<br>
<img alt="" src="i/001151.png"></li>

<li>Start Windows task scheduler</li>

<li>Configure an automated task to run the script "nightly.bat" (at
least 90 minutes after WSUS sync)</li>

<li>The option "start in" must be set to the AdminWizards
directory</li>
</ul>
<img title="Scheduler" alt="Scheduler" src="i/000705.png"><br>
<br>
Remove "REM" of variable "logfile" in script to write a
logfile.<br>

<hr>

<p>Example-Script.bat, from AdminWizard install directory:</p>

<p><br>
</p>
<span style="font-family: Courier New,Courier,monospace;">@echo
off<br>
<br>
rem
############################################################<br>
rem Example script to run the SecuSurf-AdminWizard in batch
mode<br>
rem
############################################################<br>
<br>
rem IMPORTANT IMPORTANT IMPORTANT IMPORTANT IMPORTANT IMPORTANT<br>
rem IMPORTANT IMPORTANT IMPORTANT IMPORTANT IMPORTANT IMPORTANT<br>
rem IMPORTANT IMPORTANT IMPORTANT IMPORTANT IMPORTANT IMPORTANT<br>
<br>
rem Some features require configuration which are made in the<br>
rem SecuLution AdminWizard running in GUI mode! !!!READ THIS!!!<br>
<br>
rem ##### THIS FILE WILL BE OVERWRITTEN
########################<br>
rem Please copy this file to a new name since this example<br>
rem script will be overwritten with new updates. Then<br>
rem edit the new file and configure the options as desired!<br>
<br>
rem ##### LOGIN PASSWORD REQUIRED
##############################<br>
rem The AdminWizard needs a password to login to the SecuLution<br>
rem appliance. To stored the password encrypted in the registry<br>
rem start the AdminWizard into GUI mode, login, select menu<br>
rem Extra/Scripting/store password in registry<br>
<br>
rem ##### WSUS IMPORT
##########################################<br>
rem Because unpacking hotfix files for XP and Windows 2003 may<br>
rem require the execution of these files, it is recommended to<br>
rem run this script as administrator with high privileges and<br>
rem UAC turned off.<br>
<br>
rem ##### LDAP ROOT REQUIRED
###################################<br>
rem In order to replicate objects from your ActiveDirectory the<br>
rem AdminWizard needs to know the LDAP root to use. This will
be<br>
rem configured upon first start of the replication process in
in<br>
rem GUI mode. Start the AdminWizard and select the menu<br>
rem Extra/Directories/MS-Active-Directory/update now<br>
<br>
rem
############################################################<br>
rem #### END OF IMPORTANT REQUIREMENTS
#########################<br>
rem
############################################################<br>
<br>
<br>
<br>
rem
############################################################<br>
rem #### VARIABLES #########################<br>
rem
############################################################<br>
<br>
rem if %logfile% is not defined, no logs will be written<br>
rem set logfile=D:\Logs\SecuLution-Script-logfile.txt<br>
<br>
rem usage of a sample computer is recommended<br>
rem set masterimage=nameofsamplecomputer<br>
<br>
rem Convert German date notation dd.mm.yyyy to ISO date
yyyy-mm-dd<br>
for /f "delims=. tokens=1,2,3" %%a in ('echo %date%') do set
isodate=%%c-%%b-%%a<br>
<br>
rem
############################################################<br>
rem #### END OF VARIABLES #########################<br>
rem
############################################################<br>
<br>
<br>
rem
############################################################<br>
rem Recommended configuration<br>
rem remove "rem" from all required "call" and "start" lines<br>
rem
############################################################<br>
<br>
rem make sure no remaining instance is running<br>
rem recommended without modification<br>
rem call:messageoutput "terminate"<br>
rem start /w SecuSurfAdminWizard.exe -terminate<br>
rem call:Errorreporting %ERRORLEVEL%<br>
<br>
rem delete unneeded WSUS entries to keep ruleset small<br>
rem recommended without modification<br>
rem call:messageoutput "deleteoldwsusentries"<br>
rem start /w SecuSurfAdminWizard.exe -deleteoldwsusentries 60<br>
rem call:Errorreporting %ERRORLEVEL%<br>
<br>
rem delete orphaned entries to keep ruleset small<br>
rem recommended without modification<br>
rem call:messageoutput "deleteoldentries"<br>
rem start /w SecuSurfAdminWizard.exe -deleteoldentries 180<br>
rem call:Errorreporting %ERRORLEVEL%<br>
<br>
rem import new files from trusted path (if applicable)<br>
rem see details below, configure path<br>
rem call:messageoutput "importdir"<br>
rem start /w SecuSurfAdminWizard.exe -importdir
"\\%masterimage%\c$\"
"scriptmode;-importdir;%masterimage%;%isodate%"<br>
rem call:Errorreporting %ERRORLEVEL%<br>
<br>
rem import and expand (msi/zip/rar/...) files from trusted path<br>
rem see details below, configure path<br>
rem call:messageoutput "importexpand"<br>
rem start /w SecuSurfAdminWizard.exe -importexpand y:\Software\<br>
rem call:Errorreporting %ERRORLEVEL%<br>
<br>
rem import and expand (msi/zip/rar/...) ONE file<br>
rem see details below, configure path<br>
rem call:messageoutput "importexpandfile"<br>
rem start /w SecuSurfAdminWizard.exe -importexpandfile
y:\download\setup.exe<br>
rem call:Errorreporting %ERRORLEVEL%<br>
<br>
rem import and expand (msi/zip/rar/...) new or changed files from
trusted path<br>
rem see details below, configure path<br>
rem call:messageoutput "importifchanged"<br>
rem start /w SecuSurfAdminWizard.exe -importifchanged
y:\Software\<br>
rem call:Errorreporting %ERRORLEVEL%<br>
<br>
rem import new WSUS entries<br>
rem see details below, configure path<br>
rem call:messageoutput "wsus"<br>
rem start /w SecuSurfAdminWizard.exe -wsus d:\wsus\wsuscontent\<br>
rem call:Errorreporting %ERRORLEVEL%<br>
<br>
rem import ActiveDirectory objects Groups, Computers and Users<br>
rem recommended without modification<br>
rem call:messageoutput "updatead"<br>
rem start /w SecuSurfAdminWizard.exe -updatead<br>
rem call:Errorreporting %ERRORLEVEL%<br>
<br>
rem save and create backup of SecuSurf database<br>
rem recommended, configure path<br>
rem call:messageoutput "exportruleset"<br>
rem start /w SecuSurfAdminWizard.exe -exportruleset
d:\backups\SecuSurf-Backup-%isodate%.ssf<br>
rem call:Errorreporting %ERRORLEVEL%<br>
<br>
rem
############################################################<br>
rem END OF Recommended configuration<br>
rem
############################################################<br>
<br>
<br>
<br>
<br>
rem
############################################################<br>
rem Detailled information about the different command lines
follow<br>
rem
############################################################<br>
<br>
<br>
rem
############################################################<br>
rem ##################### no password
##########################<br>
rem
############################################################<br>
rem When the AdminWizard is prepared to be started in script<br>
rem mode, the login password is being stored in the registry as<br>
rem explained above. You can create a shortcut to start the<br>
rem AdminWizard without prompting for a login password.<br>
rem
############################################################<br>
rem SecuSurfAdminWizard.exe -dontaskforpassword<br>
<br>
<br>
<br>
rem
############################################################<br>
rem ##################### TERMINATE
############################<br>
rem
############################################################<br>
rem Only one instance of SecuSurfAdminWizard may run at a time<br>
rem on one computer. In case an earlier instance did not<br>
rem terminate properly, all running instances can be closed<br>
rem using the -terminate switch.<br>
rem
############################################################<br>
rem start /w SecuSurfAdminWizard.exe -terminate<br>
rem<br>
rem example:<br>
rem start /w SecuSurfAdminWizard.exe -terminate<br>
<br>
<br>
<br>
rem
############################################################<br>
rem ##################### IMPORT ONE FILE
######################<br>
rem
############################################################<br>
rem Import ONE new program into SecuSurfs database, no matter<br>
rem if this program is new or not. The file will not be
expanded<br>
rem (unpacked).<br>
rem
############################################################<br>
rem<br>
rem example:<br>
rem start /w SecuSurfAdminWizard.exe -import
z:\Software\New-Version.exe<br>
<br>
<br>
<br>
rem
############################################################<br>
rem ##################### IMPORT RECURSIVE
#####################<br>
rem
############################################################<br>
rem Import all programs from the given directory and all sub-<br>
rem directories into SecuSurfs database. The only difference to<br>
rem the -import command is that this command does not import<br>
rem ONE program, but ANY program fron the given directory and<br>
rem all subdirectories.<br>
rem<br>
rem Note:<br>
rem This command imports all programs WITHOUT expanding packed<br>
rem programs and regardless if the program may already have
been<br>
rem previously imported.<br>
rem
############################################################<br>
rem<br>
rem example:<br>
rem start /w SecuSurfAdminWizard.exe -importdir z:\Software\<br>
<br>
<br>
rem
############################################################<br>
rem ################# IMPORT RECURSIVE AND EXPAND
##############<br>
rem
############################################################<br>
rem This command imports the contents of any directory and all<br>
rem subdirectories, unpacks (expands) any file which has been<br>
rem compressed with commonly used packing algorhythms and
import<br>
rem the content of the file. Recursive depth is 5.<br>
rem<br>
rem Note:<br>
rem This command will regard any file as new if the fileNAME
has<br>
rem been changed since the last time the command was used on
the<br>
rem same directory or if the filename has never been found in<br>
rem that directory before. Files which have been replaced by a<br>
rem new version but still have the same name will NOT be
imported.<br>
rem<br>
rem Note:<br>
rem The host on which the Admin-Wizard is being started with<br>
rem the -importexpand switch should _NOT_ have the
SecuSurf-Agent<br>
rem running because extracting files may require starting them,<br>
rem which will be blocked for new patches if the agent is
running!<br>
rem<br>
rem Note:<br>
rem During the very first run of this program no files are
added<br>
rem to SecuSurfs database. Any further execution of this
command<br>
rem will import all files that have been added since the last
time<br>
rem the command was run.<br>
rem<br>
rem Note:<br>
rem Supports unpacking CAB, EXE, ZIP, RAR, MSI and many more<br>
rem
############################################################<br>
rem<br>
rem example:<br>
rem start /w SecuSurfAdminWizard.exe -importexpand
d:\deployment\content\<br>
<br>
<br>
rem
############################################################<br>
rem ##### IMPORT and EXPAND (unpack) ONE FILE (recursive)
######<br>
rem
############################################################<br>
rem This command will import one file, unpack (expand) it (if<br>
rem compressed with commonly used packing algorhythms) and
import<br>
rem the content of the file. Recursive depth is 5.<br>
rem<br>
rem Note:<br>
rem This command will process any given file even it was
imported<br>
rem before.<br>
rem<br>
rem Note:<br>
rem The host on which the Admin-Wizard is being started with<br>
rem the -importexpand switch should _NOT_ have the
SecuSurf-Agent<br>
rem running because extracting files may require starting them,<br>
rem which will be blocked for new patches if the agent is
running!<br>
rem<br>
rem Note:<br>
rem Supports unpacking CAB, EXE, ZIP, RAR, MSI and many more<br>
rem
############################################################<br>
rem<br>
rem example:<br>
rem start /w SecuSurfAdminWizard.exe -importexpandfile
y:\download\setup.exe<br>
<br>
<br>
rem
############################################################<br>
rem ############ IMPORT and EXPAND all NEW files
###############<br>
rem
############################################################<br>
rem Periodically import the contents of a Software-Distribution<br>
rem directory which contains trusted software into SecuSurfs<br>
rem database. Start this whenever new software was stored.<br>
rem The command will look for changed files since the last run<br>
rem of this command on the same directory.The detection<br>
rem is based on the "Last Changed" date of the file.<br>
rem<br>
rem Note:<br>
rem The command does NOT look for file NAMES and will re-<br>
rem import a file with the same name if the contents of<br>
rem the file have changed.<br>
rem<br>
rem Note:<br>
rem During the very first run of this program no files are
added<br>
rem to SecuSurfs database. Any further execution of this
command<br>
rem will import all files that have changed since the last time<br>
rem the command was run.<br>
rem<br>
rem Note:<br>
rem Do not use this command to import WSUS updates since the<br>
rem WSUS cleanup wizard will touch all files and therefore mark<br>
rem them as NEW.<br>
rem
############################################################<br>
rem<br>
rem example:<br>
rem start /w SecuSurfAdminWizard.exe -importifchanged
y:\SoftwareDistributionPath<br>
<br>
<br>
<br>
<br>
rem
############################################################<br>
rem ##################### IMPORT WSUS
##########################<br>
rem
############################################################<br>
rem Periodically import the contents of the WsusContent
Directory<br>
rem or any other directory which contains trusted software<br>
rem into SecuSurfs database. Start this command 30 minutes
after<br>
rem your WSUS server has downloaded the latest patches from<br>
rem Microsoft. The command will look for unknown files, extract<br>
rem them and import them into SecuSurfs database.<br>
rem<br>
rem Because unpacking hotfix files for XP and Windows 2003 may<br>
rem require the execution of these files, it is recommended to<br>
rem run this script as administrator with high privileges and<br>
rem UAC turned off.<br>
rem<br>
rem Note:<br>
rem The command looks for unknown file NAMES and will not re-<br>
rem import a file with the same name even if the contents of<br>
rem the file have changed.<br>
rem<br>
rem Note:<br>
rem The host on which the Admin-Wizard is being started with<br>
rem the -wsus switch should _NOT_ have the SecuSurf-Agent<br>
rem running because extracting files requires starting them,<br>
rem which will be blocked for new patches if the agent is
running!<br>
rem<br>
rem Note:<br>
rem If your WSUS Server will provide patches for Windows Vista<br>
rem or later versions while your WSUS Server runs on Win2k3,
you<br>
rem will need a new version of EXPAND. See this link<br>
rem
http://technet.microsoft.com/en-us/library/cc722332(v=ws.10).aspx<br>

rem You may also run the command on an OS which includes a
version<br>
rem of expand.exe which is capable of IDC like Windows Vista
and<br>
rem later versions.<br>
rem
############################################################<br>
rem<br>
rem example:<br>
rem start /w SecuSurfAdminWizard.exe -wsus d:\wsus\wsuscontent\<br>
<br>
<br>
<br>
rem
############################################################<br>
rem ##################### RELOAD AD OBJECTS
####################<br>
rem
############################################################<br>
rem Update all users, groups and computers from the
ActiveDirectory<br>
rem into SecuSurf database.<br>
rem
############################################################<br>
rem<br>
rem example:<br>
rem start /w SecuSurfAdminWizard.exe -updatead<br>
<br>
<br>
<br>
rem
############################################################<br>
rem ################## DELETE OLD ENTRIES
######################<br>
rem
############################################################<br>
rem Removes entries from SecuSurfs database that have not been<br>
rem used for x days.<br>
rem
############################################################<br>
rem<br>
rem example:<br>
rem start /w SecuSurfAdminWizard.exe -deleteoldentries 180<br>
<br>
<br>
rem
############################################################<br>
rem ################ DELETE OLD WSUS ENTRIES
###################<br>
rem
############################################################<br>
rem Removes WSUS entries from SecuSurfs database that have not<br>
rem been used for x days by any client.<br>
rem Depending on the configuration of the WSUS server, WSUS can<br>
rem import more than 100 new signatures every day. All these<br>
rem signatures can be safely deleted from the database after<br>
rem they have not been used by any client for 60 days to avoid<br>
rem an infinite increase of SecuSurfs database.<br>
rem
############################################################<br>
rem<br>
rem example:<br>
rem start /w SecuSurfAdminWizard.exe -deleteoldwsusentries 60<br>
<br>
<br>
<br>
rem
############################################################<br>
rem ####################### BACKUP&nbsp;
############################<br>
rem
############################################################<br>
rem Export RuleSet and AD_config for backup purposes<br>
rem
############################################################<br>
rem<br>
rem example:<br>
rem start /w SecuSurfAdminWizard.exe -exportruleset
d:\backups\SecuSurf-Backup-%DATE%.ssf<br>
<br>
<br>
<br>
rem
############################################################<br>
rem ######################## NOVELL
############################<br>
rem
############################################################<br>
rem Update all users, groups and computers from Novells
eDirectory<br>
rem into the SecuSurf database.<br>
rem
############################################################<br>
rem<br>
rem example:<br>
rem start /w SecuSurfAdminWizard.exe -updatenovell<br>
<br>
<br>
rem
############################################################<br>
rem ################## CHALLENGE RESPONSE
######################<br>
rem
############################################################<br>
rem start the challenge-response dialogue while server is down<br>
rem
############################################################<br>
rem<br>
rem example:<br>
rem start /w SecuSurfAdminWizard.exe -challengeresponse<br>
<br>
<br>
<br>
rem
############################################################<br>
rem ##################### LERN MODES
###########################<br>
rem
############################################################<br>
rem set learnmode on from command line<br>
rem
############################################################<br>
rem<br>
rem start /w SecuSurfAdminWizard.exe -addlearnmode 0.0.0.0/0
0.0.0.0/0 60<br>
rem this will add a new learnmode, learning from all IPs, rules<br>
rem are valid for all IPs, learnmode will be on for 60 seconds<br>
rem<br>
rem will work with AD objects, too: $=user, /=host, &amp;=group<br>
rem<br>
rem start /w SecuSurfAdminWizard.exe -addlearnmode /host2 0.0.0.0/0
600<br>
rem will add a new learnmode that learn from the computer with<br>
rem the name host2 for 10 minutes.<br>
rem<br>
rem start /w SecuSurfAdminWizard.exe -addlearnmode 0.0.0.0/0
0.0.0.0/0 0<br>
rem this will set a learnmode to off<br>
rem
############################################################<br>
rem<br>
rem example: See description<br>
<br>
<br>
<br>
rem
############################################################<br>
rem ##################### Debugging&nbsp;
###########################<br>
rem
############################################################<br>
rem turn Debug Mode on and off from command line<br>
rem
############################################################<br>
rem<br>
rem start /w SecuSurfAdminWizard.exe -turndebugmodeon<br>
rem This will turn on debugging, a debug.txt file will be
written<br>
rem to the users temp directory.<br>
rem<br>
rem start /w SecuSurfAdminWizard.exe -turndebugmodeoff<br>
rem This will turn off debugging.<br>
rem
############################################################<br>
rem<br>
rem example: See description<br>
<br>
<br>
<br>
rem
############################################################<br>
rem ######################### REBOOT
###########################<br>
rem
############################################################<br>
rem reboot the SecuSurf Server<br>
rem
############################################################<br>
rem<br>
rem example<br>
rem start /w SecuSurfAdminWizard.exe -rebootserver<br>
<br>
<br>
rem
############################################################<br>
rem Description of exit codes follows.<br>
rem
############################################################<br>
<br>
echo.&amp;goto:eof<br>
<br>
<br>
:messageoutput<br>
if DEFINED logfile echo. %isodate% - %time%:
%~1&gt;&gt;%logfile%<br>
echo. %~1<br>
goto:eof<br>
<br>
:Errorreporting<br>
if %~1 EQU 0 call:messageoutput "Command completed
successfully."<br>
if %~1 EQU 1 call:messageoutput "Command NOT completed
successfully."<br>
if %~1 EQU 101 call:messageoutput "Error accessing the registry.
Does the user have enough rights? Is the password stored in the
registry?"<br>
if %~1 EQU 109 call:messageoutput "The password in the registry
seems to be wrong."<br>
if %~1 EQU 111 call:messageoutput "Another instance of the
AdminWizard is already running. Please use that instance
instead."<br>
if %~1 EQU 112 call:messageoutput "Could not get challenge
information from registry. Please use AdminWizard installation that
had a valid connection to the server before."<br>
if %~1 EQU 125 call:messageoutput "Not all servers available. To
avoid inconsistencies, the command has been aborted."<br>
if %~1 EQU 131 call:messageoutput "The server is in learn mode. The
command has been aborted."<br>
if %~1 EQU 163 call:messageoutput "An error has occured while
generating a new whitelist."<br>
if %~1 EQU 191 call:messageoutput "Server error: Server does not
accept new whitelists."<br>
if %~1 EQU 194 call:messageoutput "The server did not accept the
new whitelist. There is probably an inconsistency in the
whitelist."<br>
if %~1 EQU 195 call:messageoutput "The whitelist has been
activated, but at least one server did not get it. This may result
in an inconsistency of the servers databases."<br>
if %~1 EQU 501 call:messageoutput "Unknown command line
argument."<br>
if %~1 EQU 512 call:messageoutput "File not found."<br>
if %~1 EQU 513 call:messageoutput "File exists. Will not
override."<br>
if %~1 EQU 523 call:messageoutput "Directory not found."<br>
if %~1 EQU 551 call:messageoutput "Active directory update error.
Does the user have enough rights to access the AD?"<br>
goto:eof</span>
  </TD>
</TR>
</TABLE>
</BODY>
</HTML>
